Mobile Exploit Fingerprints Devices with Sensor Calibration DataMobile Exploit Fingerprints Devices with Sensor Calibration Data
Data from routines intended to calibrate motion sensors can identify individual iOS and Android devices in a newly released exploit.

Attackers can use some of the mechanisms around sensors in smartphones to track devices around the Internet with no special permissions or escalations required, according to researchers.
SensorID – the name researchers Jiexin Zhang, Alastair R. Beresford, and Ian Sheret have given the sensor calibration fingerprinting exploit (designated CVE-2019-8541) – was discovered in smartphones running iOS and Android. In essence, the exploit takes advantage of routines that calibrate gyroscope and magnetometer sensors on iOS, and accelerometer, gyroscope, and magnetometer sensors on Android, to infer and access information that can identify the individual device and couple that "fingerprint" with tracking cookies and other software to accurately track the device through its online travels.
Because of the way devices are calibrated at the factory, iOS systems are considered somewhat more vulnerable to the exploit than Android devices. Apple patched the vulnerability in iOS 12.2, released in March, while Google has yet to patch the issue in Android.
About the Author
You May Also Like
Securing the Remote Workforce
Feb 20, 2025Emerging Technologies and Their Impact on CISO Strategies
Feb 25, 2025How CISOs Navigate the Regulatory and Compliance Maze
Feb 26, 2025Where Does Outsourcing Make Sense for Your Organization?
Feb 27, 2025Shift Left: Integrating Security into the Software Development Lifecycle
Mar 5, 2025